Skip to content

Update SECURITY.md to Eclipse security-handbook template#524

Merged
tortmayr merged 1 commit into
masterfrom
update-security-policy
Jul 14, 2026
Merged

Update SECURITY.md to Eclipse security-handbook template#524
tortmayr merged 1 commit into
masterfrom
update-security-policy

Conversation

@tortmayr

Copy link
Copy Markdown
Contributor

What it does

Replaces the legacy "Eclipse GLSP Vulnerability Reporting Policy" with the standardized eclipse-csi security-handbook SECURITY.md template. The same change is applied across all GLSP repositories.

  • Adopt the security-handbook template for coordinated vulnerability disclosure
  • Add GitHub private vulnerability reporting alongside the Eclipse Foundation confidential issue tracker
  • Add guidance on the information to include in a report
  • Document the supported versions

How to test

Documentation-only change. Review the rendered SECURITY.md and confirm the vulnerability-reporting links resolve.

Follow-ups

None.

Changelog

  • This PR should be mentioned in the changelog
  • This PR introduces a breaking change (if yes, provide more details below for the changelog and the migration guide)

- Adopt the standardized eclipse-csi security-handbook SECURITY.md
  template for coordinated vulnerability disclosure
- Add GitHub private vulnerability reporting alongside the Eclipse
  Foundation confidential issue tracker
- Document supported versions
@tortmayr
tortmayr force-pushed the update-security-policy branch from c161e39 to a978f87 Compare July 14, 2026 10:26
@tortmayr
tortmayr merged commit e07d42b into master Jul 14, 2026
1 check passed
@tortmayr
tortmayr deleted the update-security-policy branch July 14, 2026 10:28
@github-actions

github-actions Bot commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

Preview: Removed (PR closed).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant